<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>kali工具箱</title>
<script src="./static/bootstrap.min.js"></script>
<link rel="stylesheet" href="./static/main.css">
<link rel="stylesheet" href="./static/bootstrap.min.css">
<style type="text/css" id="syntaxhighlighteranchor"></style>
</head>
<main class="main-container ng-scope" ng-view="">
<div class="main receptacle post-view ng-scope">
<article class="entry ng-scope" ng-controller="EntryCtrl" ui-lightbox="">
<section class="entry-content ng-binding" ng-bind-html="postContentTrustedHtml">
<section class="l-section"><div class="l-section-h i-cf"><h2>Ncrack Package Description</h2>
<p style="text-align: justify;">Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts. </p>
<p>Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more. Protocols supported include RDP, SSH, http(s), SMB, pop3(s), VNC, FTP, and telnet.</p>
<p>Source: http://nmap.org/ncrack/<br>
<a href="http://nmap.org/ncrack/" variation="deepblue" target="blank">Ncrack Homepage</a> | <a href="http://git.kali.org/gitweb/?p=packages/ncrack.git;a=summary" variation="deepblue" target="blank">Kali Ncrack Repo</a></p>
<ul>
<li>Author: Insecure.Com LLC</li>
<li>License: GPLv2</li>
</ul>
<h3>Tools included in the ncrack package</h3>
<h5>ncrack – High-speed network authentication cracking tool</h5>
<code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="d0a2bfbfa490bbb1bcb9">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# ncrack -h<br>
Ncrack 0.4ALPHA ( http://ncrack.org )<br>
Usage: ncrack [Options] {target and service specification}<br>
TARGET SPECIFICATION:<br>
  Can pass hostnames, IP addresses, networks, etc.<br>
  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254<br>
  -iX &lt;inputfilename&gt;: Input from Nmap's -oX XML output format<br>
  -iN &lt;inputfilename&gt;: Input from Nmap's -oN Normal output format<br>
  -iL &lt;inputfilename&gt;: Input from list of hosts/networks<br>
  --exclude &lt;host1[,host2][,host3],...&gt;: Exclude hosts/networks<br>
  --excludefile &lt;exclude_file&gt;: Exclude list from file<br>
SERVICE SPECIFICATION:<br>
  Can pass target specific services in &lt;service&gt;://target (standard) notation or<br>
  using -p which will be applied to all hosts in non-standard notation.<br>
  Service arguments can be specified to be host-specific, type of service-specific<br>
  (-m) or global (-g). Ex: ssh://10.0.0.10,at=10,cl=30 -m ssh:at=50 -g cd=3000<br>
  Ex2: ncrack -p ssh,ftp:3500,25 10.0.0.10 scanme.nmap.org google.com:80,ssl<br>
  -p &lt;service-list&gt;: services will be applied to all non-standard notation hosts<br>
  -m &lt;service&gt;:&lt;options&gt;: options will be applied to all services of this type<br>
  -g &lt;options&gt;: options will be applied to every service globally<br>
  Misc options:<br>
    ssl: enable SSL over this service<br>
    path &lt;name&gt;: used in modules like HTTP ('=' needs escaping if used)<br>
TIMING AND PERFORMANCE:<br>
  Options which take &lt;time&gt; are in seconds, unless you append 'ms'<br>
  (miliseconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).<br>
  Service-specific options:<br>
    cl (min connection limit): minimum number of concurrent parallel connections<br>
    CL (max connection limit): maximum number of concurrent parallel connections<br>
    at (authentication tries): authentication attempts per connection<br>
    cd (connection delay): delay &lt;time&gt; between each connection initiation<br>
    cr (connection retries): caps number of service connection attempts<br>
    to (time-out): maximum cracking &lt;time&gt; for service, regardless of success so far<br>
  -T&lt;0-5&gt;: Set timing template (higher is faster)<br>
  --connection-limit &lt;number&gt;: threshold for total concurrent connections<br>
AUTHENTICATION:<br>
  -U &lt;filename&gt;: username file<br>
  -P &lt;filename&gt;: password file<br>
  --user &lt;username_list&gt;: comma-separated username list<br>
  --pass &lt;password_list&gt;: comma-separated password list<br>
  --passwords-first: Iterate password list for each username. Default is opposite.<br>
OUTPUT:<br>
  -oN/-oX &lt;file&gt;: Output scan in normal and XML format, respectively, to the given filename.<br>
  -oA &lt;basename&gt;: Output in the two major formats at once<br>
  -v: Increase verbosity level (use twice or more for greater effect)<br>
  -d[level]: Set or increase debugging level (Up to 10 is meaningful)<br>
  --nsock-trace &lt;level&gt;: Set nsock trace level (Valid range: 0 - 10)<br>
  --log-errors: Log errors/warnings to the normal-format output file<br>
  --append-output: Append to rather than clobber specified output files<br>
MISC:<br>
  --resume &lt;file&gt;: Continue previously saved session<br>
  -f: quit cracking service after one found credential<br>
  -6: Enable IPv6 cracking<br>
  -sL or --list: only list hosts and services<br>
  --datadir &lt;dirname&gt;: Specify custom Ncrack data file location<br>
  -V: Print version number<br>
  -h: Print this help summary page.<br>
MODULES:<br>
  FTP, SSH, TELNET, HTTP(S), POP3(S), SMB, RDP, VNC<br>
EXAMPLES:<br>
  ncrack -v --user root localhost:22<br>
  ncrack -v -T5 https://192.168.0.1<br>
  ncrack -v -iX ~/nmap.xml -g CL=5,to=1h<br>
SEE THE MAN PAGE (http://nmap.org/ncrack/man.html) FOR MORE OPTIONS AND EXAMPLES</code>
<h3>ncrack Usage Example</h3>
<p>Use verbose mode <b><i>(-v)</i></b>, read a list of IP addresses <b><i>(-iL win.txt)</i></b>, and attempt to login with the username victim <b><i>(–user victim)</i></b> along with the passwords in a dictionary <b><i>(-P passes.txt)</i></b> using the RDP protocol <b><i>(-p rdp)</i></b> with a one connection at a time <b><i>(CL=1)</i></b>:</p>
<code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="92e0fdfde6d2f9f3fefb">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# ncrack -v -iL win.txt --user victim -P passes.txt -p rdp CL=1<br>
<br>
Starting Ncrack 0.4ALPHA ( http://ncrack.org ) at 2014-05-19 09:54 EDT<br>
<br>
rdp://192.168.1.220:3389 finished.<br>
Discovered credentials on rdp://192.168.1.200:3389 'victim' 's3cr3t'</code>
</div></section><div style="display:none">
<script src="//s11.cnzz.com/z_stat.php?id=1260038378&web_id=1260038378" language="JavaScript"></script>
</div>
</main></body></html>
